Too often when software developers change jobs, they take source code they've written with them, feeling the code belongs to them even if it belongs to an employer. Code42's Joe Payne shares the challenges of detecting source code theft and ways to protect intellectual property wherever it resides.
The latest edition of the ISMG Security Report discusses the appearance at a Senate hearing this week by the former head of security for Twitter; the top-performing web application and API protection vendors, according to Gartner's Magic Quadrant 2022; and threat trends to watch for in 2023.
The U.S. Department of Justice obtained its first ever guilty plea in a cryptocurrency insider trading case after Nikhil Wahi, 26, admitted to a scheme to buy crypto assets ahead of their listing on Coinbase. Wahi is one of a trio facing charges that includes his brother, a former Coinbase employee.
Twitter security exec-turned-whistleblower Peiter Zatko today listed alleged security and privacy shortcomings of the social media company for a Senate panel. "It's not farfetched to say that an employee inside the company could take over the accounts of all of the senators in this room," he said.
Post-pandemic, in the new era of hybrid work, Mastercard CSO Ron Green says the unintentional insider threat is one of his top concerns for member institutions and their customers. He shares insight on threats, partnerships and how the public and private sectors can address workforce development.
Would you trust an accused hacker? Specifically, one Nickolas Sharp, a software developer charged with extorting former employer Ubiquiti, after allegedly engineering a data breach and posing as an anonymous whistleblower in media interviews.
Fintech company Block faces a putative class action demanding damages for customers affected by a 2021 data breach that affected 8.2 million individuals. The company, formerly known as Square and co-founded by former-Twitter CEO Jack Dorsey, disclosed the breach in April.
A U.S. federal jury convicted former Twitter employee Ahmad Abouammo for spying on Saudi Arabian dissidents on behalf of Saudi Arabia. The jury also found him guilty of conspiracy to commit wire fraud, falsification of records and money laundering.
Cybersecurity doesn’t have competitors, it has adversaries. They react to every defense we put in place and seek new ways to achieve their aims - whether they be cybercrime, espionage, or hacktivism. The attackers are innovative, and they share new ways to exploit any vulnerability, so defenders need to share...
Joshua Schulte now faces a minimum of 80 years in prison after a Manhattan federal jury returned guilty verdicts in all nine counts brought against the former CIA programmer by U.S. prosecutors. Schulte leaked a trove of classified hacking secrets used in espionage.
Threat actors are using deepfakes to apply for remote employment at U.S. tech companies in a bid to gain access to corporate financial and customer data, internal databases and proprietary information. Fraudsters used stolen PII to make deepfake videos for personal interviews, says the FBI.
Four ISMG editors discuss important cybersecurity issues, including how Canada's Desjardins Group settled a data breach lawsuit for $155 million, how Facebook is being sued after allegedly violating patient privacy, and highlights from ISMG's Northeast Summit held in New York this week.
When building an insider risk management program, don't start "too large or too quickly," says Randy Trzeciak of Carnegie Mellon University. He says the first step is to protect your organization's critical assets and services and then "build a risk program appropriate to those assets."
The "Great Resignation" over the past year has created a host of concerns around both malicious and accidental data theft, says Code42 President and CEO Joe Payne. Even though employees often aren't looking to wreak havoc on their way out, a lack of understanding can lead to serious headaches.
Investment platform Cash App, a subsidiary of U.S.-based payments company Block, says it has been breached. The incident happened last year when a former employee downloaded reports containing Cash App U.S. customer information, including full names, brokerage account numbers and portfolio values.